smaak 0.1.16 → 0.1.17

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5b17b6238e6f860b8293578eceaa0d2da63a5252
-  data.tar.gz: b916802eb239649714875b84af5db205b7cccedc
+  metadata.gz: f45f06921b628e88bdca56b549ece83df6ec865c
+  data.tar.gz: 2e1c446e1f3f3eed67162ca298e8ad88dc75d000
 SHA512:
-  metadata.gz: 926a5f1c180262e6026a0281e1a3d4e25dc54025877b4fd95dbebf2d2ee7760158e1b50a9053bd9b48e6ab5f9347681e5b051a2b1a3c9dd68b75fe2f48efbfba
-  data.tar.gz: 093925f1559c600eaa38806d2f067f052a27fb20b70d8808c0ad9188e1e327a9ecd2e1ff53b3118f06bd900a6a2c6389016088e2e318378dd50affe830413812
+  metadata.gz: 99d952eb0657697c4247f6d5fc1c4fb0e37ce320d31fa8ad483e008becd1958a05225cd7bbd64ed004d2e19d1df16faccd5ea80b835497e920dbdeb19f50cb0a
+  data.tar.gz: 95b53689765041860e3dcb3b5a652fb98409facf274596ce88c06fc74f897813140e134391209983268f11ea843542d907fa1ed66da0add5b8ecb6332b0d447d

data/.gitignore

@@ -5,3 +5,4 @@ Gemfile.lock
 backup
 doc
 prototype
+.byebug_history

data/README.md

@@ -44,6 +44,11 @@ When setting up a Smaak::Server, tell the server of your SmaakService and verify
       end
     end
 
+Note: verification of intended recipient can be disabled, e.g. in cases of dynamic
+trust stores as follows. USE WITH CAUTION:
+
+    server.verify_recipient = false
+
 ### Example Client
 
 A Smaak::Client operates on an instance of an HTTP request. The Smaak module can be told about different request technology implementations by providing an adaptor to a request technology (Smaak::add_request_adaptor). The gem ships with a Net::HTTP adaptor. Call Smaak::create_adaptor with your request to get an instance of an adaptor.

data/lib/smaak/server.rb

@@ -6,10 +6,12 @@ module Smaak
   class Server < Associate
     attr_accessor :nonce_store
     attr_reader :private_key
+    attr_accessor :verify_recipient
 
     def initialize
       super
       @nonce_store = Persistent::Cache.new("nonce_store", @token_life, Persistent::Cache::STORAGE_RAM)
+      @verify_recipient = true
     end
 
     def set_public_key(key)
@@ -45,7 +47,7 @@ module Smaak
         return false
       end
       puts "[smaak error]: public key not set. Did you call set_public_key() ?" if @key.nil?
-      if not auth_message.intended_for_recipient?(@key.export)
+      if (@verify_recipient) and (not auth_message.intended_for_recipient?(@key.export))
         puts "[smaak error]: message not intended for this recipient"
         return false
       end

data/lib/smaak/version.rb

@@ -1,3 +1,3 @@
 module Smaak
-  VERSION = "0.1.16"
+  VERSION = "0.1.17"
 end

data/spec/lib/smaak/server_spec.rb

@@ -145,6 +145,15 @@ describe Smaak::Server do
       expect(@iut.verify_auth_message(auth_message)).to eql(false)
     end
 
+    it "should return true if the auth_message is not intended for the recipient, but recipient verification is disabled" do
+      env = @env
+      env["HTTP_X_SMAAK_RECIPIENT"] = Base64.strict_encode64("another-recipient")
+      auth_message = mock_auth_message(env)
+      @iut.verify_recipient = false
+      expect(@iut.verify_auth_message(auth_message)).to eql(true)
+      @iut.verify_recipient = true
+    end
+
     it "should return false if the auth_message's pre-shared key does not match the association's, indexed by the auth message's identifier field" do
       env = @env
       env["HTTP_X_SMAAK_PSK"] = "doesnotmatch"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smaak
 version: !ruby/object:Gem::Version
-  version: 0.1.16
+  version: 0.1.17
 platform: ruby
 authors:
 - Ernst van Graan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-25 00:00:00.000000000 Z
+date: 2016-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: persistent-cache-ram